--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py Tue Jan 16 14:35:46 2024 +0100
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py Tue Jan 16 18:24:06 2024 +0100
@@ -35,6 +35,10 @@
"dill.Unpickler",
"shelve.open",
"shelve.DbfilenameShelf",
+ "jsonpickle.decode",
+ "jsonpickle.unpickler.decode",
+ "jsonpickle.unpickler.Unpickler",
+ "pandas.read_pickle",
],
"M",
),
@@ -101,26 +105,12 @@
"S306": (["tempfile.mktemp"], "M"),
"S307": (["eval"], "M"),
"S308": (["django.utils.safestring.mark_safe"], "M"),
- "S309": (
- [
- "httplib.HTTPSConnection",
- "http.client.HTTPSConnection",
- "six.moves.http_client.HTTPSConnection",
- ],
- "M",
- ),
"S310": (
[
- "urllib.urlopen",
"urllib.request.urlopen",
- "urllib.urlretrieve",
"urllib.request.urlretrieve",
- "urllib.URLopener",
"urllib.request.URLopener",
- "urllib.FancyURLopener",
"urllib.request.FancyURLopener",
- "urllib2.urlopen",
- "urllib2.Request",
"six.moves.urllib.request.urlopen",
"six.moves.urllib.request.urlretrieve",
"six.moves.urllib.request.URLopener",
@@ -130,6 +120,7 @@
),
"S311": (
[
+ "random.Random",
"random.random",
"random.randrange",
"random.randint",
@@ -181,7 +172,6 @@
"S321": (["ftplib.*"], "H"),
"S322": (["input"], "H"),
"S323": (["ssl._create_unverified_context"], "M"),
- "S324": (["os.tempnam", "os.tmpnam"], "M"),
}
)
